A network resource is an important tool for collection and dissemination of data in a collaborative environment, such as an organization. However, the data being managed may be of confidential nature and it is important for the organization to which the data belongs, to ensure data security. Any loss of such data may lead to reputation and/or revenue loss for the organization and in some cases may even lead to regulatory impacts.
A conventional method to ensure data security is use of a user identifier and a password for granting access to the network resource. The user identifier and the password are unique to each user trying to gain access to the network resource. However, a single password does not provide enough security, as the passwords are prone to being stolen through hack attacks, such as Man-In-The-Middle (MITM) attacks. Moreover, even if the password is not stolen, the data security is heavily dependent on the strength of the password. The strength of the password is in turn dependent upon the skill of the user to generate a secure password.
There have been a number of solutions provided for secure authentication of a user and one of them has been discussed below:
US20080249947A1 discloses a multi-factor authentication system using a one-time password. During a transaction, a one-time password is generated and associated with the user. The one-time password is then provided to the user through an automated teller machine. The network resource then authenticates the user on receiving the one-time password from the user.
US20070220594A1 discloses a software based method for secure access to a network resource. The method comprises collecting static and dynamic attributes associated with a user. Encrypting the static and dynamic attributes to generate a key string and transmitting the key string to the network resource. The network resource then decrypts the key string to authenticate the user.
US20020038426A1 discloses a method and system for authenticating a user using biometric information. The biometric information is collected at a client device and transmitted to a server. The server then verifies the biometric information with a record maintained at the server. On successful verification of the biometric information, the server generates a random password and sends it back to the client device. The user is then authenticated at the client device with the random password.
The aforesaid documents and other solutions may strive to provide secure systems and methods for secure access to a network resource. However, they still have a number of shortcomings and limitations. For example, the systems and methods in each of the aforesaid documents cater only to a single network resource. Further, they only provide a single additional layer of protection to a standard method of password based verification. Also, they do not provide enough flexibility to a network resource to set up its own individual authentication policy.
Accordingly, there remains a need in the prior art to have a method for secure access to a network resource which overcomes the aforesaid problems and shortcomings.
However, there remains a need in the art for a secure access method thereof which provides multi-tenancy, multiple factor authentication and allows a network resource to design its own individual authentication policy.